Description
A component of Zimbra Collaboration Suite allows an unauthenticated attacker to send an HTTP request to a remote host. An attacker may use this feature to perform SSRF (Server-side request forgery) attacks on the server.
Remediation
Upgrade to the latest version of Zimbra Collaboration Suite
References
Related Vulnerabilities
OpenCms Solr XML External Entity (XXE) vulnerability
Oracle Business Intelligence ReportTemplateService XXE (CVE-2021-2400)
WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-9066)
uWSGI Unauthorized Access Vulnerability
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Multiple Vulnerabilities (6.9.9)